Matt Caswell [Mon, 14 Aug 2023 15:32:44 +0000 (16:32 +0100)]
Update quicserver to be able to handle multiple streams
We extend quicserver so that it can handle multiple requests with an
HTTP request on each one. If a uni-directional stream comes in we create
a uni-directional stream for the response
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21765)
Matt Caswell [Mon, 14 Aug 2023 14:40:52 +0000 (15:40 +0100)]
Add a QUIC multi-stream client demo
Demonstrate how to use the QUIC multi-stream APIs with a simple blocking
client.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21765)
Matt Caswell [Fri, 11 Aug 2023 15:15:43 +0000 (16:15 +0100)]
Add an initial guide page for writing a multi-stream QUIC client
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21765)
Matt Caswell [Fri, 11 Aug 2023 15:24:47 +0000 (16:24 +0100)]
Update some links within the guide to not use crypto(7)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21765)
Matt Caswell [Wed, 9 Aug 2023 16:43:13 +0000 (17:43 +0100)]
Update the desciption of shutdown in the QUIC client blocking tutorial
Give a better description of the shutdown process in QUIC.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21765)
Matt Caswell [Mon, 21 Aug 2023 15:10:53 +0000 (16:10 +0100)]
Test that we send multiple datagrams in one go if appropriate
If we have enough data for more than one datagram then we should send more
than one datagram
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21798)
Matt Caswell [Fri, 18 Aug 2023 10:55:50 +0000 (11:55 +0100)]
Don't keep creating CONNECTION_CLOSE frames
If we want to send a CONNECTION_CLOSE frame then one is enough unless we
are scheduled to send another one. Now that we can create more than one
datagram in one go this is now required.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21798)
Matt Caswell [Thu, 17 Aug 2023 14:35:15 +0000 (15:35 +0100)]
Keep sending datagrams while we have data to send
If we've got more data to send than will fit in a single datagram we should
keep generating those datagrams until we've sent it all.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21798)
Ingo Franzki [Wed, 23 Aug 2023 13:08:51 +0000 (15:08 +0200)]
Allow RSA-PSS also in EVP_PKEY_assign() and EVP_PKEY_can_sign()
Treat keys with EVP_PKEY_RSA_PSS the same as EVP_PKEY_RSA in EVP_PKEY_can_sign()
and detect_foreign_key() which is called by EVP_PKEY_assign().
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21819)
Ingo Franzki [Wed, 23 Aug 2023 07:45:45 +0000 (09:45 +0200)]
ctrl_params_translate: Allow get_rsa_payload_x() also for RSA-PSS
The get_rsa_payload_x() functions should also allow to get the payload
for RSA-PSS keys.
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21818)
Ingo Franzki [Wed, 23 Aug 2023 07:20:52 +0000 (09:20 +0200)]
ctrl_params_translate: Allow RSA controls also for RSA-PSS
Controls 'rsa_keygen_pubexp' and 'rsa_keygen_primes' should also be allowed
for RSA-PSS keys.
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21818)
Jakub Jelen [Wed, 23 Aug 2023 11:24:57 +0000 (13:24 +0200)]
doc: Avoid usage of non-existing constant
CLA: trivial
Fixes: #21809
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21817)
Xu Yizhou [Wed, 23 Aug 2023 09:30:09 +0000 (17:30 +0800)]
Optimize SM2 on aarch64
Signed-off-by: Xu Yizhou <xuyizhou1@huawei.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20754)
Hugo Landau [Wed, 23 Aug 2023 07:19:01 +0000 (08:19 +0100)]
QUIC: Rename SSL_set_initial_peer_addr to SSL_set1_initial_peer_addr
Fixes #21701
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21814)
Matt Caswell [Thu, 17 Aug 2023 13:32:53 +0000 (14:32 +0100)]
Add a -trace option to quicserver to enable tracing of the communication
Trace output of the communication with the client is dumped to stderr if
the -trace options is supplied
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21800)
Matt Caswell [Thu, 17 Aug 2023 13:32:00 +0000 (14:32 +0100)]
Add the ability to set SSL_trace as the msg_callback in tserver
This is useful for debugging purposes. The standard SSL_trace msgcallback
can be used with tserver.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21800)
olszomal [Tue, 22 Aug 2023 08:20:07 +0000 (10:20 +0200)]
Fixed default value of the "ess_cert_id_alg" option in man openssl-ts(1)
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21805)
Matt Caswell [Tue, 22 Aug 2023 14:56:18 +0000 (15:56 +0100)]
Change the TLS handshake keys early if we're not doing early data
We change the client TLS handshake keys as late as possible so that we
don't disturb the keys if we are writing early data. However for QUIC we
want to do this as early as possible (after ServerHello). Since we will
never do TLS early data with QUIC we just do it as early as possible if
early data is not being used.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21810)
Matthias St. Pierre [Tue, 22 Aug 2023 10:56:30 +0000 (12:56 +0200)]
doc: add the migration guide to the new guide series
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21807)
Tomas Mraz [Mon, 21 Aug 2023 20:33:52 +0000 (22:33 +0200)]
Update CHANGES.md and NEWS.md for the upcoming 3.2 release
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21802)
Tomas Mraz [Fri, 18 Aug 2023 16:32:21 +0000 (18:32 +0200)]
quic_impl.c: Add QUIC_RAISE_NON_IO_ERROR() and use it
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21700)
Tomas Mraz [Fri, 18 Aug 2023 15:08:18 +0000 (17:08 +0200)]
ossl_quic_tx_packetiser_generate(): Always report if packets were sent
Even in case of later failure we need to flush
the previous packets.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21700)
Tomas Mraz [Wed, 9 Aug 2023 15:32:49 +0000 (17:32 +0200)]
QUIC: Miscellaneous error handling updates
Raise errors when appropriate.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21700)
Tomas Mraz [Wed, 9 Aug 2023 14:28:41 +0000 (16:28 +0200)]
QUIC: Add ERR_raise() calls for EVP call failures
This improves tracking where the failure was triggered.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21700)
Tomas Mraz [Wed, 9 Aug 2023 13:10:10 +0000 (15:10 +0200)]
Remove TODO(QUIC) about raising errors from ossl_quic_tls_tick()
This was already resolved by https://github.com/openssl/openssl/pull/21547
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21700)
Matt Caswell [Mon, 21 Aug 2023 11:19:44 +0000 (12:19 +0100)]
Fix a leak in ossl_encode_ctx_setup_for_pkey
Make sure we free the stack of names we allocated in an error path.
Found by the reproducible error patch in #21668
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/21796)
Tomas Mraz [Thu, 17 Aug 2023 14:23:36 +0000 (16:23 +0200)]
qtest: Use fake time on both client and server
And use QTEST_FLAG_FAKE_TIME with test_ssl_trace().
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21713)
Tomas Mraz [Tue, 15 Aug 2023 18:53:32 +0000 (20:53 +0200)]
qtest: Run both client and server during connect
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21713)
Tomas Mraz [Tue, 15 Aug 2023 18:15:53 +0000 (20:15 +0200)]
QUIC: Update ping deadline when we receive a packet
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21713)
Tomas Mraz [Thu, 10 Aug 2023 17:06:13 +0000 (19:06 +0200)]
quic_trace.c: Fix typo in traces
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21713)
Tomas Mraz [Thu, 10 Aug 2023 17:04:40 +0000 (19:04 +0200)]
Update the ssltraceref.txt
Also adds saving the new trace to ssltraceref-new.txt in
test-runs which can be handy when the trace changes and
needs to be updated.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21713)
Tomas Mraz [Thu, 10 Aug 2023 16:07:49 +0000 (18:07 +0200)]
QUIC: Do not discard the INITIAL el too early
RFC says that successful decryption of HANDSHAKE el packet
triggers the discard on server side only.
On client we discard INITIAL el when we successfully send
a HANDSHAKE packet.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21713)
Frederik Wedel-Heinen [Fri, 7 Jul 2023 11:17:11 +0000 (13:17 +0200)]
Updates documentation of RC4_CHAR and RC4_INT: Should not be used for new configuration targets
Fixes: #21358
CLA: trivial
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21391)
Matt Caswell [Fri, 18 Aug 2023 15:30:46 +0000 (16:30 +0100)]
Test that a thread blocking in SSL_read_ex() will wake up on FIN
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21780)
Matt Caswell [Fri, 18 Aug 2023 14:57:41 +0000 (15:57 +0100)]
Handle the case where the read buffer is empty but we have received FIN
In some cases where a FIN has been received but with no data quic_read_actual
was failing to raise SSL_ERROR_ZERO_RETURN. This meant that we could end up
blocking in SSL_read(_ex) for too long.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21780)
shub-al [Thu, 17 Aug 2023 13:21:26 +0000 (16:21 +0300)]
ssl_get_min_max_version(): Remove unused variable single
CLA: trivial
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21768)
Tomas Mraz [Wed, 16 Aug 2023 14:29:01 +0000 (16:29 +0200)]
ossl_x509_store_ctx_get_by_subject(): Check return value of X509_STORE_lock()
Fixes Coverity
1539148
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21755)
Tomas Mraz [Wed, 16 Aug 2023 14:18:59 +0000 (16:18 +0200)]
cmp_genm.c: Remove superfluous store_ctx != 0 check
This really cannot be ever called with NULL store_ctx
and the check confuses Coverity.
Fixes Coverity
1538865
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21755)
Tomas Mraz [Wed, 16 Aug 2023 14:07:10 +0000 (16:07 +0200)]
ssl_old_test.c: Check inconsistent values from SSL_get0_alpn_selected()
Fixes Coverity
1534838
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21755)
Tomas Mraz [Wed, 16 Aug 2023 13:58:33 +0000 (15:58 +0200)]
apps/spkac.c: Check result of ASN1_STRING_set()
Fixes Coverity
1027256
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21755)
Tomas Mraz [Wed, 16 Aug 2023 14:48:28 +0000 (16:48 +0200)]
quic_new_record_layer(): Change TODO(QUIC) to QUIC FUTURE
Fixes openssl/project#134
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21756)
Rob Stradling [Tue, 15 Aug 2023 20:07:25 +0000 (21:07 +0100)]
Add two missing entries to the OCSP CRLReason table
CLA: trivial
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21743)
Matt Caswell [Wed, 16 Aug 2023 11:15:07 +0000 (12:15 +0100)]
Fix a memory leak in tls_new_record_layer
If setting the crypto state has failed then memory might have been
partially allocated to fields within the partially constructed record
layer. We need to call tls_int_free() to properly free it.
Found by the reproducible error patch in openssl#21668
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21753)
vl-loz [Wed, 9 Aug 2023 22:56:27 +0000 (15:56 -0700)]
Add X509_STORE_CTX_set_get_crl and X509_STORE_CTX_set_current_reasons
This change is for feature request #21679.
Adds a couple of setters to aid with custom CRL validation.
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21737)
Hugo Landau [Tue, 1 Aug 2023 15:51:16 +0000 (16:51 +0100)]
QUIC: Update SSL_shutdown manpage
Fixes https://github.com/openssl/project/issues/138
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21618)
Hugo Landau [Tue, 1 Aug 2023 14:04:42 +0000 (15:04 +0100)]
QUIC: Update SSL_accept_stream manpage
Fixes https://github.com/openssl/project/issues/135
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21618)
Matt Caswell [Tue, 15 Aug 2023 14:33:34 +0000 (15:33 +0100)]
Don't free the prev BIO prematurely
We shouldn't free the prev BIO in ssl_set_new_record_layer until it is
no longer referenced by s->rlayer.rrlnext.
Found by the reproducible error patch in #21668
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21741)
Matt Caswell [Tue, 15 Aug 2023 14:05:38 +0000 (15:05 +0100)]
Fix a leak in an error path when duplicating an OSSL_DECODER_CTX.
Make sure we free process_data_dest if it is not actually used.
Found by the reproducible error patch in #21668
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21741)
Neil Horman [Fri, 11 Aug 2023 19:50:59 +0000 (15:50 -0400)]
issue-21718: remove setting of PTHREAD_MUTEX_NORMAL
issue: https://github.com/openssl/openssl/issues/21718
build break reported:
crypto/threads_pthread.c:76:5: warning: implicit declaration of function 'pthread_mutexattr_settype'; did you mean 'pthread_mutexattr_destroy'? [-Wimplicit-function-declaration]
76 | pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_NORMAL);
| ^~~~~~~~~~~~~~~~~~~~~~~~~
| pthread_mutexattr_destroy
crypto/threads_pthread.c:76:38: error: 'PTHREAD_MUTEX_NORMAL' undeclared (first use in this function); did you mean 'PTHREAD_MUTEX_TIMED_NP'?
76 | pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_NORMAL);
| ^~~~~~~~~~~~~~~~~~~~
| PTHREAD_MUTEX_TIMED_NP
This occurs because PTHREAD_MUTEX_NORMAL is only defined in glibc if
__USE_UNIX98 or __USE_XOPEN2K8 is defined, which is derived from setting
__USE_POSIX_C_SOURCE or __XOPEN_SOURCE is selected in the glibc feature
set for a build. Since openssl selects no specific feature set from
glibc, the build break occurs
We could select a feature set of course, but that seems like a
significant discussion to have prior to doing so. Instead, the simpler
solution is to just not set the mutex type at all, given that
pthread_mutexattr_init sets the default mutex type, which should be akin
to normal anyway (i.e. no mutex error checking or allowed-recursive
behavior)
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21726)
slontis [Fri, 16 Jun 2023 06:40:06 +0000 (16:40 +1000)]
Fix decoders so that they use the passed in propq.
Fixes #21198
decoder objects were setting propq as NULL.
Added a set_ctx/settable_ctx to all decoders that should supply
a property query parameter to internal functions.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21219)
Neil Horman [Mon, 14 Aug 2023 16:17:11 +0000 (12:17 -0400)]
Improve documentation for BIO_s_mem
Recent leak discovered by valgrind:
==
1007580== at 0x483C815: malloc (vg_replace_malloc.c:431)
==
1007580== by 0x2C2689: CRYPTO_zalloc (in /home/vien/microedge-c/test)
==
1007580== by 0x295A17: BUF_MEM_new (in /home/vien/microedge-c/test)
==
1007580== by 0x295A78: BUF_MEM_new_ex (in /home/vien/microedge-c/test)
==
1007580== by 0x28CACE: mem_new (in /home/vien/microedge-c/test)
==
1007580== by 0x285EA8: BIO_new_ex (in /home/vien/microedge-c/test)
==
1007580== by 0x231894: convert_pubkey_ECC (tpm2_driver.c:221)
==
1007580== by 0x232B73: create_ephemeral_key (tpm2_driver.c:641)
==
1007580== by 0x232E1F: tpm_gen_keypair (tpm2_driver.c:695)
==
1007580== by 0x22D60A: gen_keypair (se_driver_api.c:275)
==
1007580== by 0x21FF35: generate_keypair (dhkey.c:142)
==
1007580== by 0x24D4C8: __test_dhkey (dhkey_test.c:55)
led me to find that BIO_get_mem_data is informative only, it does not
transer ownership of a BIO_s_mems data structure to the caller.
Additionally treating it as such leads to the above leak, or possibly
data corruption in the event that BIO_set_close(bio, BIO_NOCLOSE) is not
set properly prior to calling BIO_free.
Made an attempt to fix it in a minimally invasive manner in the 3.1
branch, but based on discussion, its just not safe to do in an API
compatible way, so just document the sematics a little more clearly
here, and fix it properly in a future release
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21724)
(cherry picked from commit
66d1658b4d88c66b27a8a538b2fb365ef1907936)
Pauli [Tue, 1 Aug 2023 23:35:35 +0000 (09:35 +1000)]
quic: process stateless resets
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21649)
3lswear [Wed, 9 Aug 2023 13:25:51 +0000 (16:25 +0300)]
Check i2d_X509_NAME return in X509_NAME_hash_ex/old
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21697)
Dr. David von Oheimb [Tue, 23 May 2023 19:54:26 +0000 (21:54 +0200)]
http_server.c: allow clients to connect with IPv6
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/21033)
Matt Caswell [Fri, 11 Aug 2023 10:22:02 +0000 (11:22 +0100)]
Fix a leak in an error path in OSSL_DECODER_CTX_new_for_pkey()
Found via the reproducible error injection in #21668
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21723)
Matt Caswell [Tue, 8 Aug 2023 13:05:58 +0000 (14:05 +0100)]
Fix a use-after-free in quic_tls.c
The comments in quic_tls.c claimed that the dummybio was never used by
us. In fact that is not entirely correct since we set and cleared the
retry flags on it. This means that we have to manage it properly, and update
it in the event of set1_bio() call on the record layer method.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
Matt Caswell [Mon, 7 Aug 2023 15:53:24 +0000 (16:53 +0100)]
Add a test for receiving a post-handshake CertificateRequest
This should result in a QUIC PROTOCOL_VIOLATION
We also add tests for a post-handshake KeyUpdate, and a NewSessionTicket
with an invalid max_early_data value.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
Matt Caswell [Mon, 7 Aug 2023 14:48:01 +0000 (15:48 +0100)]
Add the ability to send NewSessionTicket messages when we want them
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
Matt Caswell [Mon, 7 Aug 2023 13:45:55 +0000 (14:45 +0100)]
TLS KeyUpdate messages are not allowed in QUIC
We already disallowed the sending of TLS KeyUpdate messages. We also treat
the receipt of a TLS KeyUpdate message as an unexpected message.
RFC 9001 section 6:
Endpoints MUST treat the receipt of a TLS KeyUpdate message as a connection
error of type 0x010a, equivalent to a fatal TLS alert of unexpected_message;
see Section 4.8.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
Matt Caswell [Mon, 7 Aug 2023 11:21:20 +0000 (12:21 +0100)]
NewSessionTickets with an early_data extension must have a valid max value
The max_early_data value must be 0xffffffff if the extension is present in
a NewSessionTicket message in QUIC. Otherwise it is a PROTOCOL_VIOLATION.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
Matt Caswell [Tue, 8 Aug 2023 10:23:39 +0000 (11:23 +0100)]
Don't forget we are doing QUIC if we clear the QUIC TLS data
We should retain the TLS1_FLAGS_QUIC setting in in s3.flags even after a
"clear" operation.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
Matt Caswell [Wed, 2 Aug 2023 15:43:11 +0000 (16:43 +0100)]
Unexpected QUIC post-handshake CertificateRequests are a PROTOCOL_VIOLATION
An OpenSSL QUIC client does not send the post_handshake_auth extension.
Therefore if a server sends a post-handsahke CertificateRequest then this
would be treated as a TLS protocol violation with an "unexpected message"
alert code. However RFC 9001 specifically requires us to treat this as
QUIC PROTOCOL_VIOLATION. So we have to translate the "unexpected message"
alert code in this one instance.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21686)
Richard Levitte [Mon, 14 Aug 2023 10:38:44 +0000 (12:38 +0200)]
Remove include/internal/decoder.h, as it's superfluous
The routines declared in there are entirely libcrypto internal, so
include/crypto/decoder.h is better suited for them.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/21733)
Matt Caswell [Fri, 11 Aug 2023 08:42:36 +0000 (09:42 +0100)]
Fix no-dsa in combination with no-err
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21722)
Matt Caswell [Fri, 11 Aug 2023 08:41:57 +0000 (09:41 +0100)]
Fix no-dtls and no-tls in combination
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21722)
Tomas Mraz [Mon, 7 Aug 2023 18:48:09 +0000 (20:48 +0200)]
ssl_local.h: Define SSL_OP_CISCO_ANYCONNECT if undefined in public headers
Fixes #21626
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21677)
Tomas Mraz [Mon, 7 Aug 2023 18:41:11 +0000 (20:41 +0200)]
ossl_qrl_enc_level_set_provide_secret(): Clear el->md on error
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21677)
Tomas Mraz [Mon, 7 Aug 2023 18:04:07 +0000 (20:04 +0200)]
quic_record_test.c: For tests that require ChaCha require also Poly1305
as both algorithms are really needed.
Fixes #21625
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21677)
Tomas Mraz [Mon, 7 Aug 2023 17:52:32 +0000 (19:52 +0200)]
quicapitest.c: Fix missing wait_until_sock_readable()
Fixes #21624
With OPENSSL_NO_POSIX_IO or OPENSSL_NO_SOCK the function
wait_until_sock_readable() currently does not exist.
Define empty wait_until_sock_readable() when building
with no-posix-io.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21677)
Tomas Mraz [Mon, 7 Aug 2023 16:34:50 +0000 (18:34 +0200)]
quicserver.c: Use BIO_printf to stderr instead of plain printf
Fixes #21623
Also do not build quicserver with no-stdio as it is a test
utility and tests are disabled with no-stdio anyway.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21677)
Matt Caswell [Fri, 11 Aug 2023 10:51:15 +0000 (11:51 +0100)]
Don't call ossl_assert on the result of bn_wexpand
bn_wexpand can fail as the result of a memory allocation failure. We
should not be calling ossl_assert() on its result because it can fail in
normal operation.
Found via the reproducible error injection in #21668
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/21725)
Hugo Landau [Wed, 9 Aug 2023 07:36:38 +0000 (08:36 +0100)]
Minor fixes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Fri, 28 Jul 2023 17:03:10 +0000 (18:03 +0100)]
QUIC CHANNEL: Tune RXFC default parameters
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:29:42 +0000 (16:29 +0100)]
QUIC TEST: Fix double close of FD (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:24:34 +0000 (16:24 +0100)]
QUIC UINT_SET: Fix null dereference (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:23:20 +0000 (16:23 +0100)]
QUIC TSERVER: Handle return value correctly (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:17:33 +0000 (16:17 +0100)]
QUIC APL: Add missing unlock call (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:16:32 +0000 (16:16 +0100)]
QUIC: Check block_until_pred return value in shutdown (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:11:45 +0000 (16:11 +0100)]
QUIC QTX: Handle negative IV values correctly (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:06:42 +0000 (16:06 +0100)]
QUIC QTLS: Fix NULL dereference (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:05:18 +0000 (16:05 +0100)]
QUIC QRX: Handle negative IV length values correctly (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 15:00:39 +0000 (16:00 +0100)]
QUIC CC TEST: Fix memory leak
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 14:57:51 +0000 (15:57 +0100)]
EVENT QUEUE: Fix memory leak (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 14:56:54 +0000 (15:56 +0100)]
QUIC FIFD: Coverity
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 14:56:44 +0000 (15:56 +0100)]
QUIC FC: TEST: Coverity
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 14:56:19 +0000 (15:56 +0100)]
QUIC TEST: Coverity - Ensure stream names are non-NULL
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 14:56:02 +0000 (15:56 +0100)]
QUIC SSTREAM: Fix test which was not being executed fully
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 14:55:34 +0000 (15:55 +0100)]
QUIC UINT_SET: Fix regression after list refactor
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 13:47:31 +0000 (14:47 +0100)]
QUIC TXP: Re-enable accidentially disabled tests
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 12:50:45 +0000 (13:50 +0100)]
QUIC TEST: STREAM, MAX_DATA and MAX_STREAM_DATA testing
Fixes https://github.com/openssl/project/issues/76
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 12:35:26 +0000 (13:35 +0100)]
QUIC TXP: Fix bug where TXPIM PKT could be used after free
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Thu, 27 Jul 2023 10:24:39 +0000 (11:24 +0100)]
QUIC TEST: RESET_STREAM, STOP_SENDING
Fixes https://github.com/openssl/project/issues/80
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC TEST: Connection closure reason testing
Fixes https://github.com/openssl/project/issues/82
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC APL/CHANNEL: Wire up connection closure reason
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC TEST: Test repeated HANDSHAKE_DONE, non-minimal encoding
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC TEST: Test NEW_CONN_ID frames
Fixes https://github.com/openssl/project/issues/86
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC TEST: Test malformed crypto stream data, excess buffering
Fixes https://github.com/openssl/project/issues/85
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC TEST: Ensure bogus BLOCKED frames are ignored
Fixes https://github.com/openssl/project/issues/81
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC TEST: Ensure PATH_RESPONSE is ignored
Fixes https://github.com/openssl/project/issues/77
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
Hugo Landau [Wed, 26 Jul 2023 17:10:16 +0000 (18:10 +0100)]
QUIC TEST: Test ACK frame generation
Fixes https://github.com/openssl/project/issues/75
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21565)
projects / openssl.git / log